Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/605f1c-0d7a-4bd3-88b6-2f0a6bdbbe51/1/4-AjoNA7VOJ_UiimHqze6-r8mOc.roa
File: 4-AjoNA7VOJ_UiimHqze6-r8mOc.roa (raw, json)
Hash identifier: JTkL4x5ahR/KwObF9hG8YAZtFMXcuYYdoh4Dfvy4fEs=
Subject key identifier: E3:E0:23:A0:D0:3B:54:E2:7F:52:28:A6:1E:AC:DE:EB:EA:FC:98:E7
Certificate issuer: /CN=10f1d0dbe093c722350618f4045c25ba94317f87
Certificate serial: 01942067EF442E27016AC0803DC4B235FD6C
Authority key identifier: 10:F1:D0:DB:E0:93:C7:22:35:06:18:F4:04:5C:25:BA:94:31:7F:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EPHQ2-CTxyI1Bhj0BFwlupQxf4c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/605f1c-0d7a-4bd3-88b6-2f0a6bdbbe51/1/4-AjoNA7VOJ_UiimHqze6-r8mOc.roa
Signing time: Wed 01 Jan 2025 05:47:49 +0000
ROA not before: Wed 01 Jan 2025 05:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9120
IP address blocks: 80.70.8.0/21 maxlen: 21
92.43.88.0/21 maxlen: 21
185.221.247.0/24 maxlen: 24
185.238.192.0/22 maxlen: 22
212.97.136.0/22 maxlen: 22
212.97.144.0/20 maxlen: 20
2a04:3f80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:ef:44:2e:27:01:6a:c0:80:3d:c4:b2:35:fd:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10f1d0dbe093c722350618f4045c25ba94317f87
Validity
Not Before: Jan 1 05:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3e023a0d03b54e27f5228a61eacdeebeafc98e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a0:ba:73:8c:6d:c5:8a:b1:e1:2a:97:98:77:
8a:8c:55:e2:04:9d:69:b9:ef:88:e2:07:f7:ec:b6:
53:25:93:17:49:ce:77:26:ec:dc:ca:e7:8e:39:9d:
0e:71:50:59:20:eb:75:73:ff:88:5c:d9:67:b3:69:
54:2a:b7:23:ee:3d:43:82:e1:a7:cd:b2:3d:ef:d0:
ff:56:e5:9f:ab:dc:cc:62:37:a7:b3:4b:6f:fc:c0:
10:60:5c:9e:d4:36:01:a6:e7:82:ba:4a:78:04:49:
bd:be:e3:c6:ae:f5:a0:13:d4:0f:00:69:a6:c5:b0:
c6:ea:6e:d7:15:ad:df:c1:fb:d6:ff:62:b3:e4:bc:
78:6e:c9:f0:de:0b:4b:20:b9:2d:c7:d8:51:6d:14:
ee:bc:cc:c4:e9:b5:4b:87:a1:11:4b:6e:21:32:eb:
b0:55:e0:ea:d3:d7:d0:00:ec:a1:ab:6c:1c:25:50:
9e:33:07:f3:62:d1:83:86:82:a0:ae:66:a9:d4:58:
be:c2:06:69:73:e9:db:e7:67:89:3b:42:29:9e:43:
f7:70:a7:14:f2:a4:07:3b:ef:8f:21:e4:03:9c:c2:
c0:7e:c8:80:46:fc:ba:bd:f5:18:29:4f:ca:16:16:
13:a2:e9:f3:4b:ff:ba:67:6e:9a:80:87:71:b2:d1:
90:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:E0:23:A0:D0:3B:54:E2:7F:52:28:A6:1E:AC:DE:EB:EA:FC:98:E7
X509v3 Authority Key Identifier:
keyid:10:F1:D0:DB:E0:93:C7:22:35:06:18:F4:04:5C:25:BA:94:31:7F:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EPHQ2-CTxyI1Bhj0BFwlupQxf4c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/605f1c-0d7a-4bd3-88b6-2f0a6bdbbe51/1/4-AjoNA7VOJ_UiimHqze6-r8mOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/605f1c-0d7a-4bd3-88b6-2f0a6bdbbe51/1/EPHQ2-CTxyI1Bhj0BFwlupQxf4c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.70.8.0/21
92.43.88.0/21
185.221.247.0/24
185.238.192.0/22
212.97.136.0/22
212.97.144.0/20
IPv6:
2a04:3f80::/29
Signature Algorithm: sha256WithRSAEncryption
73:b4:84:f9:b5:4d:45:53:26:22:6a:34:48:24:de:68:7b:8c:
fb:6c:82:3f:cd:7c:3d:72:11:79:a3:dd:8a:ab:99:cf:00:d6:
ef:99:0f:98:51:f8:39:69:d7:ee:68:3d:5a:99:21:22:44:04:
8c:a3:1f:d0:e1:cd:93:69:b9:d9:ea:5e:f7:1a:59:89:ef:da:
76:02:31:a5:1d:15:46:46:eb:c4:ed:9c:b9:88:72:7c:6c:df:
88:97:ed:29:73:76:2f:38:55:39:10:6b:ba:63:78:6e:8d:a7:
dd:05:60:4a:4e:5a:86:e2:10:5c:cd:27:10:7e:3c:bb:d0:b5:
4a:64:ad:98:fd:ac:1d:b1:90:ab:ff:21:bb:33:74:5c:87:3a:
c9:97:31:8c:53:02:c3:4d:77:86:26:ad:fd:94:18:66:86:f2:
fb:04:0c:cf:e8:86:81:bf:ba:f3:f3:8f:50:52:a0:59:0e:00:
19:72:14:0e:45:59:fe:ee:2c:88:a5:d2:14:bd:9f:36:09:12:
96:93:08:e5:fc:65:d8:e1:74:4e:e7:66:6d:58:1e:03:c5:a4:
de:31:19:4d:3e:12:ee:c9:93:25:34:82:69:82:76:42:59:ae:
ec:35:b9:83:a5:25:39:99:d2:22:1e:0f:0f:39:6e:c2:db:95:
a9:25:e5:d3
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQgZ+9ELicBasCAPcSyNf1sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwZjFkMGRiZTA5M2M3MjIzNTA2MThmNDA0NWMyNWJhOTQz
MTdmODcwHhcNMjUwMTAxMDU0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2UwMjNhMGQwM2I1NGUyN2Y1MjI4YTYxZWFjZGVlYmVhZmM5OGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqC6c4xtxYqx4SqXmHeKjFXiBJ1p
ue+I4gf37LZTJZMXSc53JuzcyueOOZ0OcVBZIOt1c/+IXNlns2lUKrcj7j1DguGn
zbI979D/VuWfq9zMYjens0tv/MAQYFye1DYBpueCukp4BEm9vuPGrvWgE9QPAGmm
xbDG6m7XFa3fwfvW/2Kz5Lx4bsnw3gtLILktx9hRbRTuvMzE6bVLh6ERS24hMuuw
VeDq09fQAOyhq2wcJVCeMwfzYtGDhoKgrmap1Fi+wgZpc+nb52eJO0IpnkP3cKcU
8qQHO++PIeQDnMLAfsiARvy6vfUYKU/KFhYTounzS/+6Z26agIdxstGQWwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFOPgI6DQO1Tif1Ioph6s3uvq/JjnMB8GA1UdIwQY
MBaAFBDx0Nvgk8ciNQYY9ARcJbqUMX+HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVBIUTItQ1R4eUkxQmhqMEJGd2x1cFF4ZjRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC82MDVmMWMtMGQ3YS00YmQzLTg4YjYt
MmYwYTZiZGJiZTUxLzEvNC1Bam9OQTdWT0pfVWlpbUhxemU2LXI4bU9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC82MDVmMWMtMGQ3YS00YmQzLTg4YjYtMmYwYTZiZGJiZTUx
LzEvRVBIUTItQ1R4eUkxQmhqMEJGd2x1cFF4ZjRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDUEYIAwQD
XCtYAwQAud33AwQCue7AAwQC1GGIAwQE1GGQMA0EAgACMAcDBQMqBD+AMA0GCSqG
SIb3DQEBCwUAA4IBAQBztIT5tU1FUyYiajRIJN5oe4z7bII/zXw9chF5o92Kq5nP
ANbvmQ+YUfg5adfuaD1amSEiRASMox/Q4c2TabnZ6l73GlmJ79p2AjGlHRVGRuvE
7Zy5iHJ8bN+Il+0pc3YvOFU5EGu6Y3hujafdBWBKTlqG4hBczScQfjy70LVKZK2Y
/awdsZCr/yG7M3RchzrJlzGMUwLDTXeGJq39lBhmhvL7BAzP6IaBv7rz849QUqBZ
DgAZchQORVn+7iyIpdIUvZ82CRKWkwjl/GXY4XRO52ZtWB4DxaTeMRlNPhLuyZMl
NIJpgnZCWa7sNbmDpSU5mdIiHg8POW7C25WpJeXT
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:18 2025 by rpki-client on console.sobornost.net